i have a question is how to limit the maximum number of sessions per ip or per zone ?
hope someone can help me.
This can be done with DoS protection.
Also check out zone protection.
In general you apply broad zone protection and then use DoS protection to be more specific for specific IP or subnet.
thanks for your reply . in my opinion ,the maximum concurrent sessions in zone protection profiles which is limit the total number of session in this zone , not session per ip . Is it correct or not ?
the maximum concurrent sessions in zone-protection are a total cumilative for the entire zone
in dos-protection the aggregate functions for all cumulative sources towards a single destination and the classified functions as a per source per destination limitation
Reaper already gave you the information you were looking for.
I'm a big supporter of utilizing all of the possible scenarios when it comes to actually securing your network. If you have a reason to utilize zone protection you likely also have a reason to enabel DoS protection profiles. Zone Protection by nature will be very high-level protection as you have to set the limits within reason to not interupt normal traffic flow; with DoS profiles you can get way more granular and properly secure hosts instead of just the zone. I highly recommend utilizing both.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!